Contingency and computer-security emergency-response plans must be kept in a state of readiness. Three key components of readiness are tests that ensure that the plan will work as described; training that informs personnel of their roles and responsibilities vis-a-vis the plan; and exercises that simulate an emergency to test the plan's viability. The National Institute of Standards and Technology has created an in-depth guide to tests, training, and exercise programs as they relate to IT plans. The guide includes checklists as well as detailed sample objectives and scenarios. Read the guide: Test, Training, and Exercise Programs for IT Plans and Capabilities.